During this session Jim will discuss the HIPAA audit program and how it works, and describe the areas that caused the most issues in the 2012 audits and that are likely to be the target of the 2016 audits. He will review what kind of issues were most prevalent, what type of entities had the most problems, and show where organizations need to improve their compliance the most. He will also explore the typical risk issues that lead to breaches of health information and see how those issues may be targets for auditors in 2016. Jim will examine the updated HIPAA Audit Protocol as well as other questionnaires that have been used in the past and may be used to help prepare an organization for a future review. Methods for using the contents of the HIPAA Audit Protocol will be shared so organizations can build their own compliance plan by extracting the contents and relating compliance activities and documentation directly to the questions that might be asked, thereby creating a compliance management tool to ensure continued compliance improvement.